CVE-2018-13099
- EPSS 2.5%
- Veröffentlicht 03.07.2018 10:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:26
An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.
CVE-2018-10855
- EPSS 3.09%
- Veröffentlicht 03.07.2018 01:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:08
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible ...
CVE-2018-12896
- EPSS 0.64%
- Veröffentlicht 02.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:03
An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be ...
CVE-2018-0499
- EPSS 1.45%
- Veröffentlicht 02.07.2018 12:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:21
A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet().
CVE-2018-13053
- EPSS 0.51%
- Veröffentlicht 02.07.2018 12:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:18
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
CVE-2018-13043
- EPSS 2.48%
- Veröffentlicht 01.07.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:18
scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.
CVE-2018-10860
- EPSS 48.72%
- Veröffentlicht 29.06.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:09
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing coul...
CVE-2018-13005
- EPSS 2.52%
- Veröffentlicht 29.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:14
An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read.
CVE-2018-13006
- EPSS 2.29%
- Veröffentlicht 29.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:14
An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.
CVE-2018-12928
- EPSS 0.4%
- Veröffentlicht 28.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:07
In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.